commit b899b56326e9f1a48c40a2d233138612a975eeac Author: Isis Lovecruft isis@torproject.org Date: Sun Aug 17 01:31:03 2014 +0000
fixup! Bug #6253: Add canvas image extraction prompt.
Modify Pearl Crescent's #7265 patch to log all HTML5 canvas access attempts. --- content/canvas/src/CanvasUtils.cpp | 42 ++++++++++++++++++++++++++++++------ 1 file changed, 35 insertions(+), 7 deletions(-)
diff --git a/content/canvas/src/CanvasUtils.cpp b/content/canvas/src/CanvasUtils.cpp index 203dd92..f2f4536 100644 --- a/content/canvas/src/CanvasUtils.cpp +++ b/content/canvas/src/CanvasUtils.cpp @@ -33,6 +33,8 @@ using namespace mozilla::gfx; #include "mozIThirdPartyUtil.h" #include "nsContentUtils.h" #include "nsUnicharUtils.h" +#include "nsPrintfCString.h" +#include "nsIConsoleService.h"
#define TOPIC_CANVAS_PERMISSIONS_PROMPT "canvas-permissions-prompt" #define PERMISSION_CANVAS_EXTRACT_DATA "canvas/extractData" @@ -79,14 +81,40 @@ IsImageExtractionAllowed(nsIDocument *aDocument) isAllowed = (permission == nsIPermissionManager::ALLOW_ACTION);
if (!isAllowed && (permission != nsIPermissionManager::DENY_ACTION)) { - // Send notification so that a prompt is displayed. - nsCString spec; - rv = uri->GetSpec(spec); + // Log all attempted canvas access and block access by third parties. + bool isThirdParty = true; + nsIURI *docURI = aDocument->GetDocumentURI(); + rv = thirdPartyUtil->IsThirdPartyURI(uri, docURI, &isThirdParty); + NS_ENSURE_SUCCESS(rv, false); + + nsCString firstPartySpec; + rv = uri->GetSpec(firstPartySpec); + nsCString docSpec; + docURI->GetSpec(docSpec); + nsPrintfCString msg("On %s: blocked access to canvas image data" + " from %s ", // L10n + firstPartySpec.get(), docSpec.get()); + + nsCOMPtr<nsIConsoleService> console + (do_GetService(NS_CONSOLESERVICE_CONTRACTID)); + if (console) + console->LogStringMessage(NS_ConvertUTF8toUTF16(msg).get()); + + // Log every canvas access attempt to stdout if debugging: +#ifdef DEBUG + printf("%s\n", msg.get()); +#endif + // Ensure URI is valid after logging, but before trying to notify the + // user: NS_ENSURE_SUCCESS(rv, false); - nsCOMPtr<nsIObserverService> obs = - mozilla::services::GetObserverService(); - obs->NotifyObservers(win, TOPIC_CANVAS_PERMISSIONS_PROMPT, - NS_ConvertUTF8toUTF16(spec).get()); + + if (!isThirdParty) { + // Send notification so that a prompt is displayed. + nsCOMPtr<nsIObserverService> obs = + mozilla::services::GetObserverService(); + obs->NotifyObservers(win, TOPIC_CANVAS_PERMISSIONS_PROMPT, + NS_ConvertUTF8toUTF16(firstPartySpec).get()); + } } } }
tor-commits@lists.torproject.org